Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
| Total | |
0.00% |
0 / 1 |
|
57.14% |
8 / 14 |
CRAP | |
61.70% |
29 / 47 |
| RootBasedAclWrapper | |
0.00% |
0 / 1 |
|
57.14% |
8 / 14 |
60.11 | |
61.70% |
29 / 47 |
| __construct | |
100.00% |
1 / 1 |
1 | |
100.00% |
3 / 3 |
|||
| getClassAces | |
100.00% |
1 / 1 |
5 | |
100.00% |
12 / 12 |
|||
| getClassFieldAces | |
0.00% |
0 / 1 |
30.00 | |
0.00% |
0 / 12 |
|||
| getObjectAces | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| getObjectFieldAces | |
0.00% |
0 / 1 |
2.00 | |
0.00% |
0 / 1 |
|||
| getObjectIdentity | |
100.00% |
1 / 1 |
3 | |
100.00% |
3 / 3 |
|||
| getParentAcl | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| isEntriesInheriting | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| isFieldGranted | |
0.00% |
0 / 1 |
2.00 | |
0.00% |
0 / 2 |
|||
| isGranted | |
100.00% |
1 / 1 |
1 | |
100.00% |
2 / 2 |
|||
| isSidLoaded | |
0.00% |
0 / 1 |
2.00 | |
0.00% |
0 / 1 |
|||
| serialize | |
0.00% |
0 / 1 |
2.00 | |
0.00% |
0 / 1 |
|||
| unserialize | |
0.00% |
0 / 1 |
2.00 | |
0.00% |
0 / 1 |
|||
| getPermissionGrantingStrategy | |
100.00% |
1 / 1 |
2 | |
100.00% |
6 / 6 |
|||
| <?php | |
| namespace Oro\Bundle\SecurityBundle\Acl\Domain; | |
| use Symfony\Component\Security\Acl\Domain\Acl; | |
| use Symfony\Component\Security\Acl\Model\AclInterface; | |
| use Symfony\Component\Security\Acl\Model\EntryInterface; | |
| use Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface; | |
| class RootBasedAclWrapper implements AclInterface | |
| { | |
| /** | |
| * @var Acl | |
| */ | |
| private $acl; | |
| /** | |
| * @var Acl | |
| */ | |
| private $rootAcl; | |
| /** | |
| * @var PermissionGrantingStrategyInterface | |
| */ | |
| private $permissionGrantingStrategy; | |
| /** | |
| * Constructor | |
| * | |
| * @param Acl $acl | |
| * @param Acl $rootAcl | |
| */ | |
| public function __construct(Acl $acl, Acl $rootAcl) | |
| { | |
| $this->acl = $acl; | |
| $this->rootAcl = $rootAcl; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getClassAces() | |
| { | |
| /** @var EntryInterface[] $aces */ | |
| $aces = $this->acl->getClassAces(); | |
| /** @var EntryInterface[] $rootAces */ | |
| $rootAces = $this->rootAcl->getObjectAces(); | |
| foreach ($rootAces as $rootAce) { | |
| $exists = false; | |
| $rootSid = $rootAce->getSecurityIdentity(); | |
| foreach ($aces as $ace) { | |
| if ($rootSid->equals($ace->getSecurityIdentity())) { | |
| $exists = true; | |
| break; | |
| } | |
| } | |
| if (!$exists) { | |
| $aces[] = $rootAce; | |
| } | |
| } | |
| return $aces; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getClassFieldAces($field) | |
| { | |
| /** @var EntryInterface[] $aces */ | |
| $aces = $this->acl->getClassFieldAces($field); | |
| /** @var EntryInterface[] $rootAces */ | |
| $rootAces = $this->rootAcl->getObjectFieldAces($field); | |
| foreach ($rootAces as $rootAce) { | |
| $exists = false; | |
| $rootSid = $rootAce->getSecurityIdentity(); | |
| foreach ($aces as $ace) { | |
| if ($rootSid->equals($ace->getSecurityIdentity())) { | |
| $exists = true; | |
| break; | |
| } | |
| } | |
| if (!$exists) { | |
| $aces[] = $rootAce; | |
| } | |
| } | |
| return $aces; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getObjectAces() | |
| { | |
| return $this->acl->getObjectAces(); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getObjectFieldAces($field) | |
| { | |
| return $this->acl->getObjectFieldAces($field); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getObjectIdentity() | |
| { | |
| /** | |
| * @todo: Check ObjectIdentity for ACL records from the database. | |
| * It is quite possible we will have to return rootAcl ObjectIdentity to | |
| * turn additional ACL masks check by AclExtension::adaptRootMask() method. | |
| */ | |
| if (!count($this->acl->getClassAces()) && !count($this->acl->getObjectAces())) { | |
| return $this->rootAcl->getObjectIdentity(); | |
| } | |
| return $this->acl->getObjectIdentity(); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function getParentAcl() | |
| { | |
| return $this->acl->getParentAcl(); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function isEntriesInheriting() | |
| { | |
| return $this->acl->isEntriesInheriting(); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function isFieldGranted($field, array $masks, array $securityIdentities, $administrativeMode = false) | |
| { | |
| return $this->getPermissionGrantingStrategy() | |
| ->isFieldGranted($this, $field, $masks, $securityIdentities, $administrativeMode); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function isGranted(array $masks, array $securityIdentities, $administrativeMode = false) | |
| { | |
| return $this->getPermissionGrantingStrategy() | |
| ->isGranted($this, $masks, $securityIdentities, $administrativeMode); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function isSidLoaded($securityIdentities) | |
| { | |
| return $this->acl->isSidLoaded($securityIdentities); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function serialize() | |
| { | |
| throw new \LogicException('Not supported.'); | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function unserialize($serialized) | |
| { | |
| throw new \LogicException('Not supported.'); | |
| } | |
| /** | |
| * Gets the permission granting strategy implementation | |
| * | |
| * @return PermissionGrantingStrategyInterface | |
| */ | |
| protected function getPermissionGrantingStrategy() | |
| { | |
| if ($this->permissionGrantingStrategy === null) { | |
| // Unfortunately permissionGrantingStrategy property is private, so the only way | |
| // to get it is to use the reflection | |
| $r = new \ReflectionClass(get_class($this->acl)); | |
| $p = $r->getProperty('permissionGrantingStrategy'); | |
| $p->setAccessible(true); | |
| $this->permissionGrantingStrategy = $p->getValue($this->acl); | |
| } | |
| return $this->permissionGrantingStrategy; | |
| } | |
| } |